#!/bin/sh

# wait to start web and run from goahead code
. /etc/scripts/web_wait.sh
web_wait

# get params
. /etc/scripts/global.sh

# get local param always
eval `nvram_buf_get 2860 vpnInterface vpnUser vpnPassword l2tp_srv_enabled`

# constants
LOG="logger -t vpnhelper"
ppp=/etc/ppp

start() {
    if [ "$vpnEnabled" = "on" ]; then

      # wait connetc to ap in sta mode
      # if VPN=PPPOE and vpnInterface=LAN no need wait
      if [ "$vpnType" != "0" ]; then
        wait_connect
      else
	if [ "$vpnInterface" != "LAN" ]; then
    	    wait_connect
	fi
      fi

      $LOG "Start vpnhelper"
      # clear all configs and generate new
      echo > $ppp/chap-secrets
      echo > $ppp/pap-secrets
      echo > $ppp/connect-errors
      echo "$vpnUser * $vpnPassword *" > $ppp/chap-secrets
      echo "$vpnUser * $vpnPassword *" > $ppp/pap-secrets

      # call to vpn
      if [ "$vpnType" = "0" ]; then
	$LOG "PPPOE calling..."
	(sleep 5 && /etc/scripts/config-pppoe.sh) &
      elif [ "$vpnType" = "1" ]; then
	$LOG "PPTP calling..."
	(sleep 5 && /etc/scripts/config-pptp.sh) &
      elif [ "$vpnType" = "2" ]; then
	$LOG "L2TP calling..."
	(sleep 5 && /etc/scripts/config-l2tp.sh) &
      elif [ "$vpnType" = "6" ]; then
	lanauthpid=`pidof lanauth`
	if [ "$lanauthpid" != "" ]; then
	    $LOG "LANAUTH call reload..."
	    /etc/scripts/config-lanauth.sh reload &
	else
	    $LOG "LANAUTH calling..."
	    (sleep 5 && /etc/scripts/config-lanauth.sh start) &
	fi
      fi
    fi
}

stop() {
 $LOG "Stop vpnhelper"
    # Kill helpers
    killall -q config-pppoe.sh
    killall -q config-l2tp.sh
    killall -q config-pptp.sh
    killall -q config-lanauth.sh
    killall -q -SIGKILL config-pppoe.sh
    killall -q -SIGKILL config-l2tp.sh
    killall -q -SIGKILL config-pptp.sh
    killall -q -SIGKILL config-lanauth.sh

    # Kill lanauth only if vpn disable
    if [ "$vpnEnabled" = "off" ] || [ "$vpnType" != "6" ]; then
	    /etc/scripts/config-lanauth.sh stop
    fi

    # stop all pppd/xl2tpd daemons
    killall_vpn

    # prevent loop
    flush_net_caches

    if [ -f /tmp/is_16ram_dev ] && [ "$l2tp_srv_enabled" != "1" ]; then
	# At 16Mb devices remove modules for savemem.
	mod="ppp_mppe blkcipher cryptomgr crypto_algapi pppoe pppol2tp pptp pppox ppp_generic"
	for module in $mod
	do
	    rmmod $module > /dev/null 2>&1
	done
    fi
    # remove vpn_if_name export
    rm -f /tmp/vpn_if_name
}

######################################################
# L2TP and PPTP kernel route dead-loop workaround
# PPPOE or not gateway mode no need this workaround
# Clear all connection in conntrack and route cache
######################################################
stop_safe() {
    if [ "$OperationMode" != "0" ] && [ "$vpnEnabled" = "on" ] && [ "$vpnType" != "0" ] && [ "$ApCliBridgeOnly" != "1" ]; then
	flush_net_caches
	stop > /dev/null 2>&1
    fi
}


case "$1" in
	start)
	    start
	    ;;

	stop)
	    stop
	    ;;

	stop_safe)
	    stop_safe
	    ;;

	restart)
	    stop
	    start
	    ;;

	*)
	    echo $"Usage: $0 {start|stop|restart}"
	    exit 1
esac
